非法值校验

2025-09-30 15:58:29 +08:00 · 2025-09-30 15:58:29 +08:00 · f9ecdf53bf
parent 219169c25b
commit f9ecdf53bf
1 changed files with 1 additions and 0 deletions
--- a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
+++ b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
@ -44,6 +44,7 @@ public class XssRequestWrapper extends HttpServletRequestWrapper {
    static {
        // 初始化忽略校验的URL路径
        IGNORE_SPECIAL_CHARS_URLS.add("/smartArchives/system/user/resetPwd");
+        IGNORE_SPECIAL_CHARS_URLS.add("/smartArchives/system/user/profile/updatePwd");
        // 可以根据需要添加更多修改密码的URL

        // 初始化需要忽略的特殊字符模式